heartcombo--devise/lib/devise/models/confirmable.rb

module Devise
  module Models
    # Confirmable is responsible to verify if an account is already confirmed to
    # sign in, and to send emails with confirmation instructions.
    # Confirmation instructions are sent to the user email after creating a
    # record and when manually requested by a new confirmation instruction request.
    #
    # == Options
    #
    # Confirmable adds the following options to devise_for:
    #
    #   * +confirm_within+: the time you want to allow the user to access his account
    #     before confirming it. After this period, the user access is denied. You can
    #     use this to let your user access some features of your application without
    #     confirming the account, but blocking it after a certain period (ie 7 days).
    #     By default confirm_within is zero, it means users always have to confirm to sign in.
    #
    # == Examples
    #
    #   User.find(1).confirm!      # returns true unless it's already confirmed
    #   User.find(1).confirmed?    # true/false
    #   User.find(1).send_confirmation_instructions # manually send instructions
    #
    module Confirmable
      extend ActiveSupport::Concern

      included do
        before_create :generate_confirmation_token, :if => :confirmation_required?
        after_create  :send_confirmation_instructions, :if => :confirmation_required?
      end

      # Confirm a user by setting it's confirmed_at to actual time. If the user
      # is already confirmed, add en error to email field
      def confirm!
        unless_confirmed do
          self.confirmation_token = nil
          self.confirmed_at = Time.now
          save(:validate => false)
        end
      end

      # Verifies whether a user is confirmed or not
      def confirmed?
        !!confirmed_at
      end

      # Send confirmation instructions by email
      def send_confirmation_instructions
        generate_confirmation_token! if self.confirmation_token.nil?
        ::Devise.mailer.confirmation_instructions(self).deliver
      end

      # Resend confirmation token. This method does not need to generate a new token.
      def resend_confirmation_token
        unless_confirmed { send_confirmation_instructions }
      end

      # Overwrites active? from Devise::Models::Activatable for confirmation
      # by verifying whether an user is active to sign in or not. If the user
      # is already confirmed, it should never be blocked. Otherwise we need to
      # calculate if the confirm time has not expired for this user.
      def active?
        super && (!confirmation_required? || confirmed? || confirmation_period_valid?)
      end

      # The message to be shown if the account is inactive.
      def inactive_message
        !confirmed? ? :unconfirmed : super
      end

      # If you don't want confirmation to be sent on create, neither a code
      # to be generated, call skip_confirmation!
      def skip_confirmation!
        self.confirmed_at = Time.now
      end

      protected

        # Callback to overwrite if confirmation is required or not.
        def confirmation_required?
          !confirmed?
        end

        # Checks if the confirmation for the user is within the limit time.
        # We do this by calculating if the difference between today and the
        # confirmation sent date does not exceed the confirm in time configured.
        # Confirm_in is a model configuration, must always be an integer value.
        #
        # Example:
        #
        #   # confirm_within = 1.day and confirmation_sent_at = today
        #   confirmation_period_valid?   # returns true
        #
        #   # confirm_within = 5.days and confirmation_sent_at = 4.days.ago
        #   confirmation_period_valid?   # returns true
        #
        #   # confirm_within = 5.days and confirmation_sent_at = 5.days.ago
        #   confirmation_period_valid?   # returns false
        #
        #   # confirm_within = 0.days
        #   confirmation_period_valid?   # will always return false
        #
        def confirmation_period_valid?
          confirmation_sent_at && confirmation_sent_at.utc >= self.class.confirm_within.ago
        end

        # Checks whether the record is confirmed or not, yielding to the block
        # if it's already confirmed, otherwise adds an error to email.
        def unless_confirmed
          unless confirmed?
            yield
          else
            self.errors.add(:email, :already_confirmed)
            false
          end
        end

        # Generates a new random token for confirmation, and stores the time
        # this token is being generated
        def generate_confirmation_token
          self.confirmed_at = nil
          self.confirmation_token = self.class.confirmation_token
          self.confirmation_sent_at = Time.now.utc
        end

        def generate_confirmation_token!
          generate_confirmation_token && save(:validate => false)
        end

      module ClassMethods
        # Attempt to find a user by it's email. If a record is found, send new
        # confirmation instructions to it. If not user is found, returns a new user
        # with an email not found error.
        # Options must contain the user email
        def send_confirmation_instructions(attributes={})
          confirmable = find_or_initialize_with_error_by(:email, attributes[:email], :not_found)
          confirmable.resend_confirmation_token if confirmable.persisted?
          confirmable
        end

        # Find a user by it's confirmation token and try to confirm it.
        # If no user is found, returns a new user with an error.
        # If the user is already confirmed, create an error for the user
        # Options must have the confirmation_token
        def confirm_by_token(confirmation_token)
          confirmable = find_or_initialize_with_error_by(:confirmation_token, confirmation_token)
          confirmable.confirm! if confirmable.persisted?
          confirmable
        end

        # Generate a token checking if one does not already exist in the database.
        def confirmation_token
          generate_token(:confirmation_token)
        end

        Devise::Models.config(self, :confirm_within)
      end
    end
  end
end
Adding confirmable module, generating confirmation code and confirming a user account. 2009-09-17 10:06:46 -04:00			`module Devise`
Moving modules inside respective Models module. 2009-10-09 07:30:25 -04:00			`module Models`
Adding some documentation. 2009-10-09 08:27:44 -04:00			`# Confirmable is responsible to verify if an account is already confirmed to`
Readme updates. 2009-10-13 16:01:42 -04:00			`# sign in, and to send emails with confirmation instructions.`
Adding some documentation. 2009-10-09 08:27:44 -04:00			`# Confirmation instructions are sent to the user email after creating a`
Remove inaccurate documentation regarding confirmable and changing emails. 2010-08-24 01:01:14 -04:00			`# record and when manually requested by a new confirmation instruction request.`
Documentation about confirm_in and remember_for configurations and some tests. 2009-10-22 07:49:19 -04:00			`#`
Add OAuth2 documentation. 2010-07-15 07:01:31 -04:00			`# == Options`
Documentation about confirm_in and remember_for configurations and some tests. 2009-10-22 07:49:19 -04:00			`#`
Add OAuth2 documentation. 2010-07-15 07:01:31 -04:00			`# Confirmable adds the following options to devise_for:`
Documentation about confirm_in and remember_for configurations and some tests. 2009-10-22 07:49:19 -04:00			`#`
Add OAuth2 documentation. 2010-07-15 07:01:31 -04:00			`# * +confirm_within+: the time you want to allow the user to access his account`
			`# before confirming it. After this period, the user access is denied. You can`
			`# use this to let your user access some features of your application without`
			`# confirming the account, but blocking it after a certain period (ie 7 days).`
			`# By default confirm_within is zero, it means users always have to confirm to sign in.`
			`#`
			`# == Examples`
Adding some documentation. 2009-10-09 08:27:44 -04:00			`#`
			`# User.find(1).confirm! # returns true unless it's already confirmed`
			`# User.find(1).confirmed? # true/false`
			`# User.find(1).send_confirmation_instructions # manually send instructions`
Add OAuth2 documentation. 2010-07-15 07:01:31 -04:00			`#`
Moving modules inside respective Models module. 2009-10-09 07:30:25 -04:00			`module Confirmable`
Use ActiveSupport::Concern. 2010-02-17 06:35:38 -05:00			`extend ActiveSupport::Concern`
Adding confirmable module, generating confirmation code and confirming a user account. 2009-09-17 10:06:46 -04:00
Use ActiveSupport::Concern. 2010-02-17 06:35:38 -05:00			`included do`
			`before_create :generate_confirmation_token, :if => :confirmation_required?`
			`after_create :send_confirmation_instructions, :if => :confirmation_required?`
Adding confirmable module, generating confirmation code and confirming a user account. 2009-09-17 10:06:46 -04:00			`end`

Moving modules inside respective Models module. 2009-10-09 07:30:25 -04:00			`# Confirm a user by setting it's confirmed_at to actual time. If the user`
			`# is already confirmed, add en error to email field`
			`def confirm!`
Moving perishable inclusion to active_record devise, to include just once. Also refactor confirm! method. 2009-10-15 15:43:30 -04:00			`unless_confirmed do`
Allow default_url to be set for Devise::Failure app. 2009-10-22 22:54:42 -04:00			`self.confirmation_token = nil`
			`self.confirmed_at = Time.now`
Got tests running on Rails 3: 369 tests, 486 assertions, 45 failures, 124 errors. 2010-02-16 08:31:49 -05:00			`save(:validate => false)`
Moving modules inside respective Models module. 2009-10-09 07:30:25 -04:00			`end`
Adding confirmable module, generating confirmation code and confirming a user account. 2009-09-17 10:06:46 -04:00			`end`
Ensure user won't be able to sign in after asking for confirmation instructions or updating it's email, forcing to pass the confirmation process. 2009-10-08 18:50:46 -04:00
Moving modules inside respective Models module. 2009-10-09 07:30:25 -04:00			`# Verifies whether a user is confirmed or not`
			`def confirmed?`
Use confirmed_at as flag. 2010-07-08 02:21:14 -04:00			`!!confirmed_at`
Ensure user won't be able to sign in after asking for confirmation instructions or updating it's email, forcing to pass the confirmation process. 2009-10-08 18:50:46 -04:00			`end`

Moving modules inside respective Models module. 2009-10-09 07:30:25 -04:00			`# Send confirmation instructions by email`
			`def send_confirmation_instructions`
Save confirmation token to the database, if one does not exist but was requested, closes #377 2010-07-14 12:03:34 -04:00			`generate_confirmation_token! if self.confirmation_token.nil?`
Allow the mailer class to be configured. 2010-06-12 14:56:55 -04:00			`::Devise.mailer.confirmation_instructions(self).deliver`
Adding hook to authenticate method for testing if a user is already confirmed. 2009-09-17 19:03:38 -04:00			`end`
Creating notifier and first attempt to send instructions to confirm by email. Some minor refactoring. 2009-09-17 18:54:19 -04:00
Fix some unlockable bugs. 2010-03-28 17:09:28 -04:00			`# Resend confirmation token. This method does not need to generate a new token.`
Clean up lockable and class methods API. 2010-03-10 10:13:54 -05:00			`def resend_confirmation_token`
Fix some unlockable bugs. 2010-03-28 17:09:28 -04:00			`unless_confirmed { send_confirmation_instructions }`
Creating confirmation controller and integration tests. 2009-10-07 23:53:04 -04:00			`end`

Extract Activatable from Confirmable, so if you need to active your account through other means, you can still do so and ensure cherry pick works as expected. 2009-12-20 07:53:53 -05:00			`# Overwrites active? from Devise::Models::Activatable for confirmation`
			`# by verifying whether an user is active to sign in or not. If the user`
			`# is already confirmed, it should never be blocked. Otherwise we need to`
			`# calculate if the confirm time has not expired for this user.`
Creating confirm_in configuration to confirmable and verifying whether the user is active during the configured time without confirming. 2009-10-20 19:32:30 -04:00			`def active?`
Mark confirmable roles as active when confirmation_required? is false Signed-off-by: José Valim <jose.valim@gmail.com> 2010-05-05 17:31:11 -04:00			`super && (!confirmation_required? \|\| confirmed? \|\| confirmation_period_valid?)`
Creating confirm_in configuration to confirmable and verifying whether the user is active during the configured time without confirming. 2009-10-20 19:32:30 -04:00			`end`

Extract Activatable from Confirmable, so if you need to active your account through other means, you can still do so and ensure cherry pick works as expected. 2009-12-20 07:53:53 -05:00			`# The message to be shown if the account is inactive.`
			`def inactive_message`
Clean up lockable and class methods API. 2010-03-10 10:13:54 -05:00			`!confirmed? ? :unconfirmed : super`
Extract Activatable from Confirmable, so if you need to active your account through other means, you can still do so and ensure cherry pick works as expected. 2009-12-20 07:53:53 -05:00			`end`

Added skip_confirmation! It skips confirmation token generation, e-mail sending and automatically sets confirmed_at. 2009-12-14 18:30:28 -05:00			`# If you don't want confirmation to be sent on create, neither a code`
			`# to be generated, call skip_confirmation!`
			`def skip_confirmation!`
Use confirmed_at as flag. 2010-07-08 02:21:14 -04:00			`self.confirmed_at = Time.now`
Added skip_confirmation! It skips confirmation token generation, e-mail sending and automatically sets confirmed_at. 2009-12-14 18:30:28 -05:00			`end`

Adding pepper and stretches configuration per model, and globaly setup through Devise.pepper and Devise.stretches 2009-10-20 09:08:40 -04:00			`protected`
Moving modules inside respective Models module. 2009-10-09 07:30:25 -04:00
Added skip_confirmation! It skips confirmation token generation, e-mail sending and automatically sets confirmed_at. 2009-12-14 18:30:28 -05:00			`# Callback to overwrite if confirmation is required or not.`
			`def confirmation_required?`
Use confirmed_at as flag. 2010-07-08 02:21:14 -04:00			`!confirmed?`
Added skip_confirmation! It skips confirmation token generation, e-mail sending and automatically sets confirmed_at. 2009-12-14 18:30:28 -05:00			`end`

Creating confirm_in configuration to confirmable and verifying whether the user is active during the configured time without confirming. 2009-10-20 19:32:30 -04:00			`# Checks if the confirmation for the user is within the limit time.`
			`# We do this by calculating if the difference between today and the`
			`# confirmation sent date does not exceed the confirm in time configured.`
			`# Confirm_in is a model configuration, must always be an integer value.`
Allow default_url to be set for Devise::Failure app. 2009-10-22 22:54:42 -04:00			`#`
Creating confirm_in configuration to confirmable and verifying whether the user is active during the configured time without confirming. 2009-10-20 19:32:30 -04:00			`# Example:`
Allow default_url to be set for Devise::Failure app. 2009-10-22 22:54:42 -04:00			`#`
Renamed confirm_in to confirm_within. 2009-10-30 05:23:47 -04:00			`# # confirm_within = 1.day and confirmation_sent_at = today`
Creating confirm_in configuration to confirmable and verifying whether the user is active during the configured time without confirming. 2009-10-20 19:32:30 -04:00			`# confirmation_period_valid? # returns true`
Allow default_url to be set for Devise::Failure app. 2009-10-22 22:54:42 -04:00			`#`
Renamed confirm_in to confirm_within. 2009-10-30 05:23:47 -04:00			`# # confirm_within = 5.days and confirmation_sent_at = 4.days.ago`
Creating confirm_in configuration to confirmable and verifying whether the user is active during the configured time without confirming. 2009-10-20 19:32:30 -04:00			`# confirmation_period_valid? # returns true`
Allow default_url to be set for Devise::Failure app. 2009-10-22 22:54:42 -04:00			`#`
Renamed confirm_in to confirm_within. 2009-10-30 05:23:47 -04:00			`# # confirm_within = 5.days and confirmation_sent_at = 5.days.ago`
Creating confirm_in configuration to confirmable and verifying whether the user is active during the configured time without confirming. 2009-10-20 19:32:30 -04:00			`# confirmation_period_valid? # returns false`
Allow default_url to be set for Devise::Failure app. 2009-10-22 22:54:42 -04:00			`#`
Renamed confirm_in to confirm_within. 2009-10-30 05:23:47 -04:00			`# # confirm_within = 0.days`
Creating confirm_in configuration to confirmable and verifying whether the user is active during the configured time without confirming. 2009-10-20 19:32:30 -04:00			`# confirmation_period_valid? # will always return false`
Allow default_url to be set for Devise::Failure app. 2009-10-22 22:54:42 -04:00			`#`
Creating confirm_in configuration to confirmable and verifying whether the user is active during the configured time without confirming. 2009-10-20 19:32:30 -04:00			`def confirmation_period_valid?`
Fix timeout tests. 2009-11-24 08:00:35 -05:00			`confirmation_sent_at && confirmation_sent_at.utc >= self.class.confirm_within.ago`
Moving modules inside respective Models module. 2009-10-09 07:30:25 -04:00			`end`

Separating perishable token into confirmation and reset_password tokens. Adding confirmation_sent_at attribute. 2009-10-18 07:14:52 -04:00			`# Checks whether the record is confirmed or not, yielding to the block`
			`# if it's already confirmed, otherwise adds an error to email.`
Moving perishable inclusion to active_record devise, to include just once. Also refactor confirm! method. 2009-10-15 15:43:30 -04:00			`def unless_confirmed`
			`unless confirmed?`
			`yield`
			`else`
Got all tests in test/models and failure app ones passing. 369 tests, 805 assertions, 13 failures, 2 errors. 2010-02-16 11:00:36 -05:00			`self.errors.add(:email, :already_confirmed)`
Moving perishable inclusion to active_record devise, to include just once. Also refactor confirm! method. 2009-10-15 15:43:30 -04:00			`false`
			`end`
			`end`

Separating perishable token into confirmation and reset_password tokens. Adding confirmation_sent_at attribute. 2009-10-18 07:14:52 -04:00			`# Generates a new random token for confirmation, and stores the time`
			`# this token is being generated`
			`def generate_confirmation_token`
Do not send confirmation e-mail when e-mail changes. 2009-10-30 05:49:18 -04:00			`self.confirmed_at = nil`
Initial work on making the authentication stack more flexible. 2010-03-29 10:13:19 -04:00			`self.confirmation_token = self.class.confirmation_token`
Separating perishable token into confirmation and reset_password tokens. Adding confirmation_sent_at attribute. 2009-10-18 07:14:52 -04:00			`self.confirmation_sent_at = Time.now.utc`
			`end`

Save confirmation token to the database, if one does not exist but was requested, closes #377 2010-07-14 12:03:34 -04:00			`def generate_confirmation_token!`
			`generate_confirmation_token && save(:validate => false)`
			`end`

Moving modules inside respective Models module. 2009-10-09 07:30:25 -04:00			`module ClassMethods`
			`# Attempt to find a user by it's email. If a record is found, send new`
			`# confirmation instructions to it. If not user is found, returns a new user`
			`# with an email not found error.`
			`# Options must contain the user email`
Updating sessions controller to use resource oriented style. Changing authenticate method to accept a hash of attributes. 2009-10-10 15:20:23 -04:00			`def send_confirmation_instructions(attributes={})`
Refactor common initialization with error. 2009-11-24 18:35:07 -05:00			`confirmable = find_or_initialize_with_error_by(:email, attributes[:email], :not_found)`
Use persisted? instead of new_record? In order to be more ActiveModel compliant, lets use persisted? whereever we can. Particularly for datamapper, new_record? causes api warnings. Better to stick to the ActiveModel api I think. 2010-03-28 16:26:07 -04:00			`confirmable.resend_confirmation_token if confirmable.persisted?`
Moving modules inside respective Models module. 2009-10-09 07:30:25 -04:00			`confirmable`
			`end`

			`# Find a user by it's confirmation token and try to confirm it.`
Refactoring find by confirmation and reset password token and updating TODO. 2009-10-18 08:16:30 -04:00			`# If no user is found, returns a new user with an error.`
Moving modules inside respective Models module. 2009-10-09 07:30:25 -04:00			`# If the user is already confirmed, create an error for the user`
Refactoring find by confirmation and reset password token and updating TODO. 2009-10-18 08:16:30 -04:00			`# Options must have the confirmation_token`
Clean up lockable and class methods API. 2010-03-10 10:13:54 -05:00			`def confirm_by_token(confirmation_token)`
			`confirmable = find_or_initialize_with_error_by(:confirmation_token, confirmation_token)`
Use persisted? instead of new_record? In order to be more ActiveModel compliant, lets use persisted? whereever we can. Particularly for datamapper, new_record? causes api warnings. Better to stick to the ActiveModel api I think. 2010-03-28 16:26:07 -04:00			`confirmable.confirm! if confirmable.persisted?`
Separating perishable token into confirmation and reset_password tokens. Adding confirmation_sent_at attribute. 2009-10-18 07:14:52 -04:00			`confirmable`
			`end`
Updating model_config and require confirmable hook with last changes. 2009-10-22 17:02:03 -04:00
Always loop before generating a token. 2010-07-18 17:32:56 -04:00			`# Generate a token checking if one does not already exist in the database.`
Initial work on making the authentication stack more flexible. 2010-03-29 10:13:19 -04:00			`def confirmation_token`
Always loop before generating a token. 2010-07-18 17:32:56 -04:00			`generate_token(:confirmation_token)`
Initial work on making the authentication stack more flexible. 2010-03-29 10:13:19 -04:00			`end`

Ensure all encryptor returns a symbol. Get the class using encryptor_class. 2009-11-22 19:32:54 -05:00			`Devise::Models.config(self, :confirm_within)`
			`end`
Adding confirmable module, generating confirmation code and confirming a user account. 2009-09-17 10:06:46 -04:00			`end`
			`end`
			`end`